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1 DETAILED ACTION 

2 

3 Claim Rejections • 35 USC §101 

4 35 U.S.C. 101 reads as follows: 

5 Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 

6 matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 

7 conditions and requirements of this title. 
8 

9 Claims 1-8 are rejected under 35 U.S.C. 101 because the claimed 



10 invention is directed to non-statutory subject matter. These claims are non- 

1 1 statutory as all of the claimed features can be implemented in software alone. Thus, 

1 2 these claims are rejected as not being tangible. 
13 

14 



1 5 Claim Rejections - 35 USC § 103 

16 

17 The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

1 8 obviousness rejections set forth in this Office action: 

19 (a) A patent may not be obtained though the invention is not identically disclosed or described as set 

20 forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 

21 the prior art are such that the subject matter as a whole would have been obvious at the time the 

22 invention was made to a person having ordinary skill in the art to which said subject matter pertains. 

23 Patentability shall not be negatived by the manner in which the invention was made. 
24 

25 

26 Claims 1-20 are rejected under 35 U.S.C. 103(a) as being unpatentable over 



27 Al-Salqan, "Method and Apparatus for Encoding Keys", U.S. Patent, 6,549,626 in view 

28 of Hosokawa, "Internet Broadcast Billing System", U.S. Patent Publication, 



29 



2001/0023416 A1. 
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1 

2 Regarding claim 1, Al-Salqan discloses: 

3 receiving a first password corresponding a software application (Al-Salqan, col. 

4 2, lines 12-28, 49-63); generating a first mask value based on the first password (Al- 

5 Salqan, col. 4, lines 29-46); combining the first mask value with a first encryption key 

6 (Al-Salqan, col. 4, lines 49-52); 

7 receiving a second password corresponding to the software application (Al- 

8 Salqan, col. 2, lines 12-28, 49-63; fig. 3); generating a second mask value based on the 

9 second password (Al-Salqan, col. 4, lines 29-46; fig. 3); 

1 0 separating a recovered encryption key from the tied key using the second mask 

1 1 value (Al-Salqan, col. 7, lines 45-49; fig. 3), 

12 encrypting data using the recovered generated key (Al-Salqan, Abstract, lines 1- 

13 3; col. 7, lines 37-49; col. 3, lines 52-56). Al-Salqan discloses the encryption of 

14 symmetric encryption keys. When an encryption key becomes lost, an authorized user 

15 of the key may recover the key for use. Al-Salqan discloses that such symmetric 

16 encryption keys are used to encrypt and decrypt data. 

17 Al-Salqan discloses a system designed to ensure the secrecy of a data 

18 encryption key, such as a symmetric key. Secrecy is accomplished by encrypting the 

19 data encryption key. However, though Al-Salqan discloses enabling the secrecy of a 

20 symmetric data encryption key, it does not disclose the enabling of the authenticity of 

21 the key. Thus, Al-Salqan does not disclose wherein the first "encryption key" is derived 

22 from a generated key and a known value the combining resulting a tied key or that the 



Application/Control Number: 10/099,779 Page 4 

Art Unit: 2137 

1 recovered "encryption key" includes a recovered generated key and a recovered known 

2 value. 

3 Hosokawa discloses a method for the verification of the authenticity of a data- 

4 encryption key, the method being performed "as a security measure" (Hosokawa, par 

5 37). This "security measure" of ensuring authenticity is additional to the security 

6 measure of ensuring secrecy - encrypting the data encryption key. The method 

7 comprises the creation of a "tied key", or an "encryption key" derived from a generated 

8 key and a known value (Hosokawa, par. 32, lines 8-12; par. 33, lines 1-5; par. 37, lines 

9 11-13; par. 44, lines 1 1-18). Hosokawa attaches a "known value", a digital signature, to 

10 generated key, and thereby creates a "tied key". After the "tied key" is decrypted, the 

1 1 attached digital signature is compared to an authentic digital signature so as to verify 

12 the authenticity of the generated key. If authentic, the generated key is used for 

13 encrypting data. Thus, Hosokawa discloses a method usable to verify the authenticity 

14 of an encryption key, the method ensuring a measure of security. 

15 It would have been obvious to one of ordinary skill in the art to combine the 

16 method of Hosokawa with the system of Al-Salqan. This would have been obvious 

17 because one of ordinary skill in the art would have been motivated to enhance the 

18 security of the system of Al-Salqan, by not only enabling the secrecy of the data 

19 encryption key, but also the authentication of the data encryption key. Thus, a more 

20 secure system is provided. 
21 

22 ' Regarding claim 2, the combination of Al-Salqan and Hosokawa disclose: 
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1 encrypting the tied key using second encryption key, the encrypting resulting a 

2 first encrypted tied key; returning the first encrypted tied key to the software application 

3 (Al-Salqan, col. 2, lines 54-64; col. 3, lines 16-46; col. 7, lines 1-9). 
4 

5 Regarding claim 3, the combination of Al-Salqan and Hosokawa disclose: 

6 receiving a second encrypted tied key; and combining the second encrypted tied 

7 key with second encryption key, the combining resulting in a recovered tied key (Al- 

8 Salqan, col. 7, lines 37-49; Hosokawa, par. 32, lines 9,10). 
9 

10 Regarding claim 4, the combination of Al-Salqan and Hosokawa disclose: 

1 1 determining whether a matched encryption tied key is available corresponding to 

1 2 the second encryption key; and sending the matched encryption tied key security 

1 3 module response to the determination (Al-Salqan, col. 2, lines 50-57; col. 4, lines 47-65; 

14 fig. 5). 



15 



16 Regarding claim 5, the combination of Al-Salqan and Hosokawa disclose: 

1 7 determining whether a matched encrypted tied key available corresponding to 

1 8 the second encryption key; and sending the first password to a security module 

19 response to the determination (Al-Salqan, col. 2, lines 50-57; col. 4, lines 47-65; fig. 5). 
20 

21 Regarding claim 6, the combination of Al-Salqan and Hosokawa disclose: 
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1 determining whether the recovered known value is correct; and processing a 

2 data file based on the determination (Hosokawa, col. 2, pars. 32, 33; Al-Salqan, 

3 Abstract, lines 1-3; col. 7, lines 37-49; col. 3, lines 52-56). 
4 

5 Regarding claim 7, the combination of Al-Salqan and Hosokawa disclose: 

6 wherein the processing is selected from the group consisting of encrypting the 

7 data file using the recovered generated key and decrypting the data file using the 

8 recovered generated key (Al-Salqan, Abstract, lines 1-3; col. 7, lines 37-49; col. 3, lines 

9 52-56). 
10 

1 1 Regarding claims 8 - 20, they are the system means and computer program 

12 product claims implementing the method of claims 1 - 7, and are rejected for the same 

13 reasons. Further, regarding claim 8 specifically, it is rejected because the combination 

14 of Al-Salqan and Hosokawa disclose: 

1 5 one or more processors; a memory accessible by the processors; one or more 

1 6 nonvolatile storage devices accessible by the processors; a hardware security module 

1 7 accessible by the processors; a data security tool for securing data using the hardware 

18 security module (Al-Salqan, figs. 1, 2; col. 3, lines 16-45). 
19 

20 
21 
22 
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1 Conclusion 

2 

3 The prior art made of record and not relied upon is considered pertinent to 

4 applicant's disclosure: 

5 Al-Salqan, "Methods and Apparatus for Recovering Keys", U.S. Patent 

6 6,160,891. 
7 

8 A shortened statutory period for reply is set to expire 3 months (not less than 90 

9 days) from the mailing date of this communication. 

10 Any inquiry concerning this communication or earlier communications from the 

1 1 examiner should be directed to Jeffery Williams whose telephone number is (571) 272- 

12 7965. The examiner can normally be reached on 8:30-5:00. 

13 If attempts to reach the examiner by telephone are unsuccessful, the examiner's 

14 supervisor, Emmanuel Moise can be reached on (571) 272-3865. The fax phone 

1 5 number for the organization where this application or proceeding is assigned is (703) 

16 872-9306. 
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Information regarding the status of an application may be obtained from the 



2 Patent Application Information Retrieval (PAIR) system. Status information for 

3 published applications may be obtained from either Private PAIR or Public PAIR. 

4 Status information for unpublished applications is available through Private PAIR only. 

5 For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 

6 you have questions on access to the Private PAIR system, contact the Electronic 

7 Business Center (EBC) at 866-217-9197 (toll-free). 



8 



9 

10 
11 
12 
13 
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